Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-35533

mise manages dev tools like node, python, cmake, and terraform. From 2026.2.18 through 2026.4.5, mise loads trust-control settings from a local project .mise.toml before the trust check runs. An attacker who can place a malicious .mise.toml in a repository can make that same file appear trusted and then reach dangerous directives such as [env] _.source, templates, hooks, or tasks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.4%
CVSS Severity
CVSS v3 Score 7.7
Products affected by CVE-2026-35533
  • Jdx » Mise » Version: 2026.2.18
    cpe:2.3:a:jdx:mise:2026.2.18
  • Jdx » Mise » Version: 2026.2.19
    cpe:2.3:a:jdx:mise:2026.2.19
  • Jdx » Mise » Version: 2026.2.20
    cpe:2.3:a:jdx:mise:2026.2.20
  • Jdx » Mise » Version: 2026.2.21
    cpe:2.3:a:jdx:mise:2026.2.21
  • Jdx » Mise » Version: 2026.2.22
    cpe:2.3:a:jdx:mise:2026.2.22
  • Jdx » Mise » Version: 2026.2.23
    cpe:2.3:a:jdx:mise:2026.2.23
  • Jdx » Mise » Version: 2026.2.24
    cpe:2.3:a:jdx:mise:2026.2.24
  • Jdx » Mise » Version: 2026.3.0
    cpe:2.3:a:jdx:mise:2026.3.0
  • Jdx » Mise » Version: 2026.3.1
    cpe:2.3:a:jdx:mise:2026.3.1
  • Jdx » Mise » Version: 2026.3.10
    cpe:2.3:a:jdx:mise:2026.3.10
  • Jdx » Mise » Version: 2026.3.11
    cpe:2.3:a:jdx:mise:2026.3.11
  • Jdx » Mise » Version: 2026.3.12
    cpe:2.3:a:jdx:mise:2026.3.12
  • Jdx » Mise » Version: 2026.3.13
    cpe:2.3:a:jdx:mise:2026.3.13
  • Jdx » Mise » Version: 2026.3.14
    cpe:2.3:a:jdx:mise:2026.3.14
  • Jdx » Mise » Version: 2026.3.15
    cpe:2.3:a:jdx:mise:2026.3.15
  • Jdx » Mise » Version: 2026.3.16
    cpe:2.3:a:jdx:mise:2026.3.16
  • Jdx » Mise » Version: 2026.3.17
    cpe:2.3:a:jdx:mise:2026.3.17
  • Jdx » Mise » Version: 2026.3.18
    cpe:2.3:a:jdx:mise:2026.3.18
  • Jdx » Mise » Version: 2026.3.2
    cpe:2.3:a:jdx:mise:2026.3.2
  • Jdx » Mise » Version: 2026.3.3
    cpe:2.3:a:jdx:mise:2026.3.3
  • Jdx » Mise » Version: 2026.3.4
    cpe:2.3:a:jdx:mise:2026.3.4
  • Jdx » Mise » Version: 2026.3.5
    cpe:2.3:a:jdx:mise:2026.3.5
  • Jdx » Mise » Version: 2026.3.6
    cpe:2.3:a:jdx:mise:2026.3.6
  • Jdx » Mise » Version: 2026.3.7
    cpe:2.3:a:jdx:mise:2026.3.7
  • Jdx » Mise » Version: 2026.3.8
    cpe:2.3:a:jdx:mise:2026.3.8
  • Jdx » Mise » Version: 2026.3.9
    cpe:2.3:a:jdx:mise:2026.3.9
  • Jdx » Mise » Version: 2026.4.0
    cpe:2.3:a:jdx:mise:2026.4.0
  • Jdx » Mise » Version: 2026.4.1
    cpe:2.3:a:jdx:mise:2026.4.1
  • Jdx » Mise » Version: 2026.4.2
    cpe:2.3:a:jdx:mise:2026.4.2
  • Jdx » Mise » Version: 2026.4.3
    cpe:2.3:a:jdx:mise:2026.4.3
  • Jdx » Mise » Version: 2026.4.4
    cpe:2.3:a:jdx:mise:2026.4.4
  • Jdx » Mise » Version: 2026.4.5
    cpe:2.3:a:jdx:mise:2026.4.5


Products
Pricing
Contact Us

Shodan ® - All rights reserved